Security Advisory

CVE-2023-2623

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-27 13:17:20

Last updated 2024-11-27 19:18:07

Assigner WPScan

State PUBLISHED

Description

The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users

← Browse all CVEs View on cve.org ↗